There is a great deal of finger pointing going on about the apparent and alleged leak of the SITE tip given to the White House which was apparently shared with some in the intelligence community, and it was then leaked to the press.  Given this is in the earliest stage of finger pointing and I have absolutely no clue whether any of this is true I will say this: if someone illegally and inappropriately “leaked” this information on their own, they should be punished in the most severe way possible.  But the whole issue with cyberspace and the internet is so complicated.

Let’s compare the internet, a website, and competing agencies and organizations to combat and whether or how to shut down a communications link or a radar site.  During pre-hostilities planning (think pre-Desert Storm or pre-Operation Iraqi Freedom) Intel collection analysts will want to keep the information flowing because they want to “vacuum the take.”  But then if you are the lead fighter formation crossing the battle line, you want assurances that everything possible can be done to shut down anything that can hurt you, starting with the longest range radars which will see you coming, then the targeting radars which might acquire you, and finally, the missile or gun firing platforms that can hit you.

So, you have meetings to decide what, when, if, and how they will be shut down. These sorts of meeting can get very contentious and quite often, the folks flying the missions may have absolutely no idea nor the proper clearances to know who or why certain actions are or are not being taken.  In fact, certain logical targets will be on a “withhold list” in other words, in no way can anyone hit that target (at least not knowingly) because it’s too valuable to monitor.  

Compared to the internet, the problem of dealing with an air defense structure is very very easy.  With cyberspace, anyone is a collector and anyone is a “shooter.”  Now, you have a government and private individuals, all seemingly supporting us, the good guys with almost no one directing traffic or deconflicting actions.  Do you conduct a denial of service attack against a website, or do you let it stay up and watch the traffic?  Do you hack into it and slip in a worm or do you slow it down and let the bad guys think everything is A-OK?  

Once again, I reiterate, I have no clue what happened in this case, but it sounds like SITE was exploiting the website and they (effectively) lost their access.  Other competing companies have claimed they still had websites they could exploit. Today, I heard a former FBI official commenting on a cable news show as to how super-dooper our intelligence agencies and capabilities are and how folks like SITE are much less capable.  Well, that sounds like some serious hubris to me.  In fact, I have wanted to blog about three women I’ve never met, but have gotten a great deal of credit in the open source world:

-- Rita Katz, previously discussed founder of SITE

-- Laura Mansfield  who also monitors bad guys websites

-- and last but not least, terrorist sleuther Judge Shannen Rossmiller who has helped convict would be terrorists by posing on the internet as one

These women are constantly referred to for their finds and their work against terrorists, especially on the internet. Anyone that seriously believes in a system as open and as constantly morphing as the internet, that our intelligence agencies are omnipotent is a deluded fool or a braggart. I'm sure we have diligent and capable people but it's a big world out there with lots of internets.  I have no doubt that people like the above three women and many more like them around the world, are privately sleuthing and coming across stuff our intel agencies don’t have a clue.  And it’s not that they are (necessarily) incompetent, it’s just the sheer volume of stuff is overwhelming.

Now we get to the crux of today’s lesson, can the intel agencies really change, can they cooperate, can an analyst who knows something, tell it to a decision maker, and as importantly, how do we embrace private hunters so we are working together and not at cross purposes?  This is very tough stuff people…keep reading….

Today, Noah Schactman of Wired Magazine’s Danger Room wrote two back to back posts, the first on the “leak” and the second was a link to a site named “Haft of the Spear” claiming SITE is justified in their outrage.  The Haft of the Spear's author is Michael Tanji and is apparently a veteran intel analyst, bio here.  He makes the point that “adults aren’t in charge.” In another post, he implores the “mob” not to try and take things in their own hands and really screw up our intel agencies. But, he then links to a guy’s blog named “Jesserwilson’s Weblog” which is also good reading and he discusses “Intellipedia” and the Intel community’s attempt to replicate Wikipedia on the “high side” (classified systems) Jesse Wilson has three comments on Intellipedia and his solutions are all spot on and the whole thing should be read:

•  Problem 1: Seniors Won’t Use It: meaning senior and older people are VERY resistant to change, new, collaboration, etc.  Solution: It’s not a matter of if seniors will use it; it’s a matter of when. 
• Problem 2: It’s never finished, and thus never usable.  Meaning it’s always a work of art and never finished like a typical intel product   Solution: Processes are evolving that do indicate the article’s status.  
• Problem 3: It Perpetuates Bad Information: Meaning not everything posted is necessarily recent or perfectly accurate.  But since it’s on the high side, you’ll have much less chance of someone intentionally spoofing    Solution: It Perpetuates Continuous Self-Correction through Peer-Review   

• He posts an extract from a message from General Cartwright, then Commander of StratCom and now Vice Chairman of the Joint Chiefs.  He heard that mid level bosses, Majors and LtCol were telling young troops not to post because they were too junior and the General’s reply:    “The metric is what the person has to contribute, not the person’s rank, age, or level of experience. If they have the answer, I want the answer. When I post a question on my blog, I expect the person with the answer to post back. I do not expect the person with the answer to run it through you, your OIC, the branch chief, the exec, the Division Chief and then get the garbled answer back before he or she posts it for me. The Napoleonic Code and Netcentric Collaboration cannot exist in the same space and time. It’s YOUR job to make sure I get my answers and then if they get it wrong or they could have got it righter, then you guide them toward a better way… but do not get in their way.”  

Finally, Wilson links to this blog called Defenstrated which points to a 30 minute online briefing about Intellipedia. This briefing by Chris Rasmussen, Knowledge Management Officer, Intellipedia, National Geospatial-Intelligence Agency, and Department of Defense is 30 minutes long and worth a look if you want to see some of the challenges we face.  He discusses that “Intellipedians” also use Flickr type photo sharing, blogging, and other modern products.  This is almost a graduate level course for us oldies, for you young folks, you’ll get it!